keys

package module
v0.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 7, 2023 License: MIT Imports: 18 Imported by: 1

README

Cloud-Key-Client


Cloud-Key-Client is a Golang client that connects to cloud providers either to collect details of Service Account keys or to manipulate them.

Install as a Go Dependency

go get -u github.com/ovotech/cloud-key-client

Getting Started

package main

import (
	"fmt"

	keys "github.com/ovotech/cloud-key-client"
)

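// main lists the keys visible to a GCP, an AWS and an Aiven provider and
// prints one summary line per key, showing only the tail of each key ID.
func main() {
	// create a GCP provider
	gcpProvider := keys.Provider{
		GcpProject: "my-gcp-project-id",
		Provider:   "gcp",
	}
	// create an AWS provider
	awsProvider := keys.Provider{
		// no need to specify any account ID here
		Provider: "aws",
	}
	// create an Aiven provider. Unlike GCP and AWS, the API token travels in
	// the Provider value itself. The literal below is a placeholder: real code
	// should read the token from the environment or a secret manager so that
	// it never ends up in source control.
	aivenProvider := keys.Provider{
		Provider: "aiven",
		Token:    "my-aiven-api-token",
	}

	// collect all three providers in one slice
	providers := []keys.Provider{gcpProvider, awsProvider, aivenProvider}

	// use the cloud-key-client; the second argument (includeInactiveKeys)
	// asks for inactive keys as well. The result gets its own name so the
	// imported package `keys` is not shadowed for the rest of the function.
	found, err := keys.Keys(providers, true)
	if err != nil {
		fmt.Println(err)
		return
	}
	for _, key := range found {
		// Print only the last four characters of the ID. IDs of four
		// characters or fewer are masked entirely, which also avoids the
		// out-of-range slice the unguarded key.ID[len(key.ID)-4:] would hit
		// on a short or empty ID.
		suffix := ""
		if n := len(key.ID); n > 4 {
			suffix = key.ID[n-4:]
		}
		// Age is divided by 1440 to print days, so it is presumably expressed
		// in minutes; confirm against the package source.
		fmt.Printf("%s, ID: ****%s, Age: %dd, Status: %s\n",
			key.Account,
			suffix,
			int(key.Age/1440),
			key.Status)
	}
}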

Purpose

This client could be useful for obtaining key metadata, such as age, and performing create and delete operations for key rotation. Multiple providers can be accessed through a single interface.

Integrations

The following cloud providers have been integrated:

  • AWS
  • Aiven
  • GCP

No config is required; you simply need to pass a slice of Provider structs to the Keys() func.

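Authentication for GCP and AWS is handled by their Default Credential Provider Chains. Aiven is the exception: as the Getting Started example shows, its API token is passed in the Provider's Token field, so supply it from an environment variable or secret store rather than a literal in source.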

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateKey

func CreateKey(key Key) (string, string, error)

CreateKey creates a new key using details of the provided key

func CreateKeyFromScratch

func CreateKeyFromScratch(provider Provider, account string) (string, string, error)

CreateKeyFromScratch creates a new key from just provider and account parameters (an existing key is not required)

func DeleteKey

func DeleteKey(key Key) error

DeleteKey deletes the specified key

func RegisterProvider

func RegisterProvider(providerName string, provider ProviderInterface)

RegisterProvider informs the tool about a new cloud provider, in addition to AWS and GCP, and registers it under a unique key

Types

type AivenKey added in v0.4.0

// AivenKey is a field-less type whose Keys, CreateKey and DeleteKey methods
// have the signatures ProviderInterface requires; they operate on Aiven API
// tokens.
type AivenKey struct{}

AivenKey type

func (AivenKey) CreateKey added in v0.4.0

func (a AivenKey) CreateKey(project, account, token string) (keyID string, newKey string, err error)

CreateKey creates a new Aiven API token

func (AivenKey) DeleteKey added in v0.4.0

func (a AivenKey) DeleteKey(project, account, keyID, token string) (err error)

DeleteKey deletes the specified Aiven API token

func (AivenKey) Keys added in v0.4.0

func (a AivenKey) Keys(project string, includeInactiveKeys bool, apiToken string) (keys []Key, err error)

Keys returns a slice of keys (or tokens in this case) for the user who owns the apiToken

type AwsKey

// AwsKey is a field-less type whose Keys, CreateKey and DeleteKey methods
// have the signatures ProviderInterface requires; they operate on AWS keys.
type AwsKey struct{}

AwsKey type

func (AwsKey) CreateKey

func (a AwsKey) CreateKey(project, account, token string) (keyID, newKey string, err error)

CreateKey creates a key in the provided account

func (AwsKey) DeleteKey

func (a AwsKey) DeleteKey(project, account, keyID, token string) (err error)

DeleteKey deletes the specified key from the specified account

func (AwsKey) Keys

func (a AwsKey) Keys(project string, includeInactiveKeys bool, token string) (keys []Key, err error)

Keys returns a slice of keys from any authorised accounts

type CreateTokenResponse added in v0.4.0

// CreateTokenResponse maps the JSON body of a token-creation reply. It was
// added together with AivenKey, so it presumably models the Aiven API
// response; confirm against the package source.
type CreateTokenResponse struct {
	CreateTime      string  `json:"create_time"`
	CreatedManually bool    `json:"created_manually"`
	// Errors and Message carry the API's error details, if any.
	Errors          []Error `json:"errors"`
	ExtendWhenUsed  bool    `json:"extend_when_used"`
	// FullToken presumably holds the complete secret value of the new token
	// (TODO confirm). Treat a populated value of this struct as sensitive:
	// do not log or serialise it as a whole.
	FullToken       string  `json:"full_token"`
	MaxAgeSeconds   int     `json:"max_age_seconds"`
	Message         string  `json:"message"`
	// TokenPrefix looks like the short identifier of the token, also reported
	// by Token.TokenPrefix; verify before relying on it as a key ID.
	TokenPrefix     string  `json:"token_prefix"`
}

CreateTokenResponse type

type Error added in v0.4.0

// Error is one element of the `errors` array found in CreateTokenResponse,
// ListTokensResponse and RevokeTokenResponse. No Error() method is listed for
// it on this page, so it is a plain data type rather than a Go error value.
type Error struct {
	Message  string `json:"message"`
	MoreInfo string `json:"more_info"`
	// Status is decoded from the JSON "status" field; presumably an HTTP
	// status code (TODO confirm).
	Status   int    `json:"status"`
}

Error type

type GcpKey

// GcpKey is a field-less type whose Keys, CreateKey and DeleteKey methods
// have the signatures ProviderInterface requires; they operate on GCP keys.
type GcpKey struct{}

GcpKey type

func (GcpKey) CreateKey

func (g GcpKey) CreateKey(project, account, token string) (keyID, newKey string, err error)

CreateKey creates a key in the provided account

func (GcpKey) DeleteKey

func (g GcpKey) DeleteKey(project, account, keyID, token string) (err error)

DeleteKey deletes the specified key from the specified account

func (GcpKey) Keys

func (g GcpKey) Keys(project string, includeInactiveKeys bool, token string) (keys []Key, err error)

Keys returns a slice of keys from any authorised accounts

type Key

// Key is the provider-independent description of one key, as returned by
// Keys and accepted by CreateKey and DeleteKey.
type Key struct {
	Account       string
	FullAccount   string
	// Age is divided by 1440 in the README to print days, so it is presumably
	// measured in minutes (TODO confirm).
	Age           float64
	// ID identifies the key. The README prints only its last four characters;
	// keep that habit in logs and reports.
	ID            string
	// LifeRemaining: unit not shown on this page; presumably the same unit as
	// Age (verify against the source).
	LifeRemaining float64
	Name          string
	// Provider is embedded by value, so a Key also carries Provider.Token.
	// Avoid printing a Key with %v or %+v, which would expose that token.
	Provider      Provider
	Status        string
}

Key type

func Keys

func Keys(providers []Provider, includeInactiveKeys bool) (keys []Key, err error)

Keys returns a generic key slice of potentially multiple provider keys

type ListTokensResponse added in v0.4.0

// ListTokensResponse maps the JSON body of a token-listing reply: the API's
// error details plus the listed tokens.
type ListTokensResponse struct {
	Errors  []Error `json:"errors"`
	Message string  `json:"message"`
	// Tokens holds one Token entry per listed token.
	Tokens  []Token `json:"tokens"`
}

ListTokensResponse type

type Provider

// Provider selects a cloud provider and carries the settings needed to reach
// it. A slice of these is what Keys takes as input.
type Provider struct {
	// Provider is the provider name; the README uses "gcp", "aws" and "aiven".
	Provider   string
	// GcpProject is set only for the GCP provider in the README example.
	GcpProject string
	// Token is a credential: the README sets it to the Aiven API token and
	// leaves it empty for GCP and AWS. Populate it at run time from a secret
	// source and keep Provider values out of logs.
	Token      string
}

Provider type

type ProviderInterface

// ProviderInterface is the contract a cloud provider must satisfy to be
// passed to RegisterProvider. AivenKey, AwsKey and GcpKey expose methods with
// these signatures.
type ProviderInterface interface {
	// Keys lists the provider's keys; includeInactiveKeys requests inactive
	// keys as well.
	Keys(project string, includeInactiveKeys bool, token string) (keys []Key, err error)
	// CreateKey returns the new key's ID and newKey. newKey is presumably the
	// secret key material (TODO confirm), so callers should hand it straight
	// to a secret store and never log it.
	CreateKey(project, account, token string) (keyID, newKey string, err error)
	// DeleteKey removes the key identified by keyID.
	DeleteKey(project, account, keyID, token string) (err error)
}

ProviderInterface type

type RevokeTokenResponse added in v0.4.0

// RevokeTokenResponse maps the JSON body of a token-revocation reply; it
// carries only the API's error details and message.
type RevokeTokenResponse struct {
	Errors  []Error `json:"errors"`
	Message string  `json:"message"`
}

RevokeTokenResponse type

type Token added in v0.4.0

// Token is one entry of ListTokensResponse.Tokens. It holds metadata about a
// token; no field for the full token value is declared here.
type Token struct {
	CreateTime      string `json:"create_time"`
	CurrentlyActive bool   `json:"currently_active"`
	Description     string `json:"description"`
	// TokenPrefix is presumably the short, non-secret identifier of the token
	// (TODO confirm).
	TokenPrefix     string `json:"token_prefix"`
}

Token type
